Skip to content

POST to /encrypt always comes back with KeyNotInstalledException #767

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jaurakunal opened this issue Aug 5, 2017 · 14 comments
Closed

POST to /encrypt always comes back with KeyNotInstalledException #767

jaurakunal opened this issue Aug 5, 2017 · 14 comments
Labels
duplicate

Comments

@jaurakunal
Copy link

Hi,

I'm using the Spring Cloud Config (Dalston.SR2) to use a git repo to get the application properties. All works fine till i try and use the /encrypt endpoint. With Dalston.SR2, the call to /encrypt ALWAYS comes back with a

{
  "description": "No key was installed for encryption service",
  "status": "NO_KEY"
}

I've made sure that the environment variable ENCRYPT_KEY is set properly.

If I change the version to Camden.SR5. The same configuration works fine and I can use both the /encrypt & /decrypt endpoints. I'm not sure if there's anything else that I need to do apart from

  1. Copy the JCE 8 files to \jre\lib\security
  2. Set the environment variable ENCRYPT_KEY
  3. Hit the /encrypt endpoint with a POST request

Here's a copy of my pom xml.

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>

	<groupId>com.photolove</groupId>
	<artifactId>pl-config-server</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<packaging>jar</packaging>

	<name>pl-config-server</name>
	<description>Application Config Server</description>

	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>1.5.6.RELEASE</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>

	<properties>
		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
		<java.version>1.8</java.version>
		<spring-cloud.version>Dalston.SR2</spring-cloud.version>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-config-server</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-config</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>
	</dependencies>

	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>org.springframework.cloud</groupId>
				<artifactId>spring-cloud-dependencies</artifactId>
				<version>${spring-cloud.version}</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>


</project>

Any help is greatly appreciated. :-)

Cheers
Kunal
@ryanjbaxter
Copy link
Contributor

ryanjbaxter commented Aug 7, 2017
edited
Loading

Yes this is a known issue in Dalston.SR2. #760 You can either try Dalston.SR1 or Dalston.BUILD-SNAPSHOT. We will be releasing Dalston.SR3 shortly with the fix in it.

@jaurakunal
Copy link
Author

@ryanjbaxter Thanks for the tip :-)

@Fydon
Copy link

Fydon commented Aug 29, 2017
edited
Loading

@ryanjbaxter Was this fixed in Dalston.SR3, as I'm still receiving this error with that version?

Dalston.BUILD-SNAPSHOT is using Spring Cloud Config 1.3.3.BUILD-SNAPSHOT and I don't experiencing this problem with that version. There hasn't been a new release of Spring Cloud Config since Dalston.SR2.

@ryanjbaxter
Copy link
Contributor

@Fydon unfortunately we did not release spring cloud config for Dalston.SR3, it was a mistake on our part. The fix will be included in Dalston.SR4, sorry about that.

dschadow added a commit to dschadow/CloudSecurity that referenced this issue Sep 10, 2017
@dschadow
Set to Dalston.SR1 as workaround for spring-cloud/spring-cloud-config…
57d3e75 
…#767
@heyitsaakash heyitsaakash mentioned this issue Sep 26, 2017
Closed
bruce-wan added a commit to bruce-wan/spring-cloud-study that referenced this issue Sep 29, 2017
@bruce-wan
downgrade to Camden.SR7 due to spring-cloud/spring-cloud-config#767. …
e52613a 
…add config server encryption module.
@syr syr mentioned this issue Oct 5, 2017
Closed
@Dr4K4n
Copy link
Contributor

Dr4K4n commented Oct 29, 2017

just wanted to add that this is still an issue with Dalston.SR4. I've downgraded to Camden.SR7 for now. This also fixed another problem of mine. While using a keystore and {cipher}'d passwords, config server was returning the hash as the password, simply removing the {cipher} prefix.

@Fydon
Copy link

Fydon commented Oct 30, 2017

@Dr4K4n This issue was fixed in Spring Cloud Config 1.3.3.BUILD-SNAPSHOT, which is now Spring Cloud Config v1.3.3.RELEASE, which is a part of Spring Cloud Dalston.SR4. Please try Dalston.SR4 again and see if you experience this issue.

@Dr4K4n
Copy link
Contributor

Dr4K4n commented Nov 1, 2017

I've setup i little example project to illustrate the problem, simply build the application with maven und test with test.sh. On my machine it works with Dalston.SR4, but not with Camden.SR7.
https://github.com/Dr4K4n/configserver-767

@Dr4K4n
Copy link
Contributor

Dr4K4n commented Nov 2, 2017

I did some more testing with different Versions of Spring Cloud Config
Working: 1.2.3 (Camden.SR7), 1.3.0, 1.3.1 (Dalston.SR1)
Not Working: 1.3.2 (Dalston.SR2, Dalston.SR3), 1.3.3 (Dalston.SR4)

@Dr4K4n
Copy link
Contributor

Dr4K4n commented Nov 2, 2017
edited
Loading

I've further investigated, the underlying problem seems to be that the KeyProperties in EncryptionAutoConfiguration$DefaultTextEncryptorConfiguration are not read from my application.properties in the affected versions. Hope this info helps pinpointing the source of the problem, my knowledge ends here...

@spencergibb
Copy link
Member

Needs to be in bootstrap.properties

@Dr4K4n Dr4K4n mentioned this issue Nov 2, 2017
Merged
@mahg007
Copy link

mahg007 commented Nov 28, 2017
edited by spencergibb
Loading

@spencergibb thanks.

@Nyamkhuub
Copy link

if you write in the application yaml/properties, get this error. So, a simple solution is just creating bootstrap yaml/properties file.

@DonHamzovic
Copy link

Hi everyone I have the same problem using java 11 and spring-cloud.version 2020.0.0-M5 is there any alternative version that works

@anikanchan
Copy link

Try 20.0.0 for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@Dr4K4n @ryanjbaxter @spencergibb @Fydon @anikanchan @jaurakunal @mahg007 @DonHamzovic @Nyamkhuub